Microsoft Office Zero-Day Exploited Days After Emergency Patch, Update ASAP

A hole in Microsoft Office is being exploited by bad actors, including Russian hackers targeting Ukraine's government.
The Hacker News

APT28 Uses Microsoft Office CVE-2026-21509 in Espionage-Focused Malware Attacks

APT28 exploited a Microsoft Office flaw to deliver MiniDoor and Covenant Grunt malware in targeted attacks across Ukraine and Eastern Europe.
CSO Online

Notepad++ infrastructure hijacked by Chinese APT in sophisticated supply chain attack

The hosting provider's compromise allowed attackers to deliver malware through tainted software updates for six months.

The Notepad++ website was hijacked by 'malicious actors' last year and security researchers are picking through the wreckage

It's believed that, between June and November 10/December 2, 2025 (independent security experts and its hosting provider ...